Is your business running into cybersecurity threats frequently? Are you noticing more and more phishing attacks targeting your employees? Well, you’re not alone.

No one likes hacked accounts. Am I right? A hacked account can result in financial loss, identity theft, or just a whole lot of wasted time. None of which is fun. But unfortunately, you don’t have too much control over what is or is not hacked when it comes to third party data breaches. All you have control over is the aftermath. So, if you happen to find yourself on the receiving end of a data breach, here is what you should remember.

Usernames and passwords are quickly becoming the sole way we maintain the privacy and security of our sensitive information. We exist in a world where everything you do requires some form of password.

While the number of people falling for sending personal information to the crown prince of Nigeria in hopes of receiving his promised wealth and riches seems to be dropping, phishing remains a major issue. In fact, the number of phishing campaigns pursued by hackers around the world had a 667% increase within the last year that were using the coronavirus as a lure. What exactly is phishing? Hackers mimic the emails, forms, and websites of legitimate companies in an effort to lure people into providing their private, personal information, like credit cards numbers, social security information, account logins, and personal identifiers. The victim typically doesn’t realize they’ve been compromised until long after the event, and oftentimes only after their identity or finances are affected. In the past, an attack was carried out relatively quickly. As soon as the victim gave up their information, the hacker moved in and stole money from the compromised bank account. Today, it’s often more lucrative for hackers to sell that information on the Dark Web, resulting in longer-lasting, even more devastating attacks.

In the last decade, billions of people have had their information stolen from one, if not multiple, business sectors. Technology is constantly expanding, and with new technology comes new ways of hacking into seemingly secure data. As technology advances, people tend to forget about outdated technology and are lackadaisical about security. Outdated devices, human error, malware and theft are all things that contribute greatly to the possibility of a data breach. It’s important to ensure companies are well aware of all possible breaches in order to secure them. No business wants to face the PR nightmare other companies have.

There are 560,000 new pieces of malware detected every day, according to a report by AV-Test Institute. Malware is one of the most notorious threats to cybersecurity out there. However, there's a lesser-known type of malware called malvertising. Malvertising is a trap anyone could fall for, and businesses are susceptible to it.

Cyber-criminals utilize several types of display advertisements to distribute malware.

Most people are aware of terms like phishing and malware, but do you know those are a part of a larger scheme called social engineering? This is not a new kind of fraud; in fact, it’s been used for many years to manipulate a wide range of people into giving up important data about themselves or the workplace. A prime example of social engineering goes back to Greek mythology with the Trojan horse. They infiltrated the city of Troy with a “peace offering” filled with soldiers, thus winning the war. With technology at the forefront of our lives, social engineering has entered a new era. Physical human interaction is not necessarily required anymore. These criminals can gain information through emails, pop-ups, and public Wi-Fi networks, to name a few. The main objective is to influence, manipulate or trick users into giving up privileged information or access within an organization. They are doing this right under your nose, and if you’re not paying attention, you will be a victim of this as well.

On April 29th, one of the largest fuel pipelines in the U.S, Colonial Pipeline Co. was hacked, which led to major shortages in fuel across the East Coast. New information came out this weekend regarding what may have led to the weak spot in Colonial Pipelines system resulting in the attack on their network. Apparently, an old account was not decommissioned correctly and still had access to the network by virtual private network (VPN). As a result, a hacker was able to obtain the password from the dark web and used their illicit access to demand cryptocurrency in return of the Colonial Pipeline system. Colonial paid the hackers $4.4 million in order to avoid confidential information from getting leaked.

When it comes to external threats, there is a lot to know. An external threat is when someone from outside the company uses malicious software or hacking as a way to take advantage of system vulnerabilities. As a managed service provider, we get a lot of questions from our clients on external threats, so we decided to use our experience and knowledge to help educate users on the most common forms of external threats, ransomware and phishing. The first step to combating external threats, is understanding them.